IIA India works together with the IIA, Global in providing Internal Auditing Practitioners, Executive Management and Board of Directors with standards, guidance and information on best practices in Internal Auditing.
IIA, Inc has developed several resources, toolkits and materials which are ideal for elevating the profession and enhancing professionalism.
What is Internal Auditing?
Performed by professionals with an in-depth understanding of the business culture, systems, and processes, the internal audit activity provides assurance that internal controls in place are adequate to mitigate the risks, governance processes are effective and efficient, and organizational goals and objectives are met.
The Institute of Internal Auditors (IIA) has developed the globally accepted definition of internal auditing, as follows:
Internal Auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
Independence is established by the organizational and reporting structure. Objectivity is achieved by an appropriate mind-set. The internal audit activity evaluates risk exposures relating to the organization's governance, operations and information systems, in relation to:
- Effectiveness and efficiency of operations.
- Reliability and integrity of financial and operational information.
- Safeguarding of assets.
- Compliance with laws, regulations, and contracts.
Based on the results of the risk assessment, the internal auditors evaluate the adequacy and effectiveness of how risks are identified and managed in the above areas. They also assess other aspects such as ethics and values within the organization, performance management, communication of risk and control information within the organization in order to facilitate a good governance process.
The internal auditors are expected to provide recommendations for improvement in those areas where opportunities or deficiencies are identified. While management is responsible for internal controls, the internal audit activity provides assurance to management and the audit committee that internal controls are effective and working as intended. The internal audit activity is led by the chief audit executive (CAE). The CAE delineates the scope of activities, authority, and independence for internal auditing in a written charter that is approved by the audit committee.
An effective internal audit activity is a valuable resource for management and the board or its equivalent, and the audit committee due to its understanding of the organization and its culture, operations, and risk profile. The objectivity, skills, and knowledge of competent internal auditors can significantly add value to an organization's internal control, risk management, and governance processes. Similarly an effective internal audit activity can provide assurance to other stakeholders such as regulators, employees, providers of finance, and shareholders.
As the primary body for the internal audit profession, The IIA maintains the International Standards for the Professional Practice of Internal Auditing and the profession s Code of Ethics. IIA members are required to adhere to the Standards and Code of Ethics.
References: The Professional Practices Framework, The IIA Research Foundation, January 2004.